Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T4gE6IM9QCgCV2O9V1Avpn5DoZg.roa
File:                     T4gE6IM9QCgCV2O9V1Avpn5DoZg.roa (raw, json)
Hash identifier:          oRnHGfyLflDnR7mHxPWB3tGCPb53qdPNfalYyyVVdBk=
Subject key identifier:   4F:88:04:E8:83:3D:40:28:02:57:63:BD:57:50:2F:A6:7E:43:A1:98
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018281EC73772A51D3974D5DB3191379AE6B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T4gE6IM9QCgCV2O9V1Avpn5DoZg.roa
Signing time:             Tue 09 Aug 2022 09:25:32 +0000
ROA not before:           Tue 09 Aug 2022 09:25:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399045
IP address blocks:        163.5.213.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:81:ec:73:77:2a:51:d3:97:4d:5d:b3:19:13:79:ae:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug  9 09:25:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f8804e8833d4028025763bd57502fa67e43a198
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ba:4c:5b:4a:fb:85:ae:37:c7:45:cf:1e:88:
                    ca:9c:30:22:6a:68:06:7d:c9:c0:d4:0a:52:1a:a7:
                    f7:46:8b:8c:e9:4e:87:13:6d:c1:27:af:77:50:b2:
                    1c:73:64:3a:01:9b:53:7a:37:47:de:93:6a:cc:75:
                    12:ef:83:43:49:83:ca:87:de:bd:7a:9c:02:25:87:
                    7a:d2:a9:55:b9:8a:99:12:86:a4:97:7e:bf:76:3e:
                    d6:bb:64:ed:08:f1:d6:36:51:00:a8:22:9d:0d:88:
                    04:19:12:5a:01:3a:d9:27:25:52:24:ab:90:cb:f7:
                    23:33:e6:3b:b1:8b:a2:69:9e:5b:38:c0:71:8a:c0:
                    30:d3:0e:d9:05:1f:b3:34:db:6a:0f:c4:12:7f:6b:
                    df:72:6e:02:8d:49:99:d8:e5:dc:35:77:07:40:a5:
                    27:74:a1:02:74:90:d5:48:5b:38:b9:33:e1:28:b2:
                    37:a1:9b:03:3e:9c:10:52:d8:b1:86:a3:c3:a8:0b:
                    00:9c:b0:d4:14:d9:65:bb:57:ec:22:10:54:1d:bf:
                    91:4c:31:35:6b:ab:7a:0e:fe:52:82:15:39:fc:ac:
                    df:45:00:78:2c:63:b6:91:66:76:bd:ef:1d:8c:d2:
                    96:e7:ad:35:2e:71:53:00:63:f3:8f:47:fd:29:9a:
                    f4:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:88:04:E8:83:3D:40:28:02:57:63:BD:57:50:2F:A6:7E:43:A1:98
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/T4gE6IM9QCgCV2O9V1Avpn5DoZg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:18:b8:51:39:eb:23:b5:30:95:e0:38:c0:9d:2d:ad:c0:c8:
         9b:aa:1b:2a:d9:8d:c8:da:67:f9:d6:b9:0a:12:e3:f6:29:2e:
         2b:03:0e:b3:87:ff:9c:16:28:ee:e3:b4:1f:cd:41:51:c9:30:
         31:fc:f1:b6:5b:e5:a8:9b:e7:67:e1:42:cd:8e:a4:b3:cf:06:
         6b:cd:d5:e3:ac:ee:f8:f1:12:bf:97:2f:c3:63:7e:a7:15:91:
         53:59:95:d4:a3:48:c7:b9:fa:c4:1c:31:99:61:1c:83:4d:f7:
         7d:be:35:c5:af:b5:10:19:f0:21:a1:d9:8b:7c:03:a0:46:ed:
         69:7d:3f:2e:2c:58:2a:63:bc:69:d2:74:f8:35:45:bf:f1:54:
         24:d6:7f:fc:d6:7c:7d:47:0e:4d:7a:4e:34:eb:70:60:cd:04:
         86:5b:ad:68:dd:f2:50:43:13:3b:42:16:dd:02:b4:1a:3f:06:
         d2:48:91:d0:d6:76:43:da:2f:6c:81:5b:2e:0c:01:61:fe:8a:
         a5:c4:d2:83:ff:7e:d1:ff:11:39:41:08:af:3f:f1:b3:d7:20:
         c3:e2:c5:94:92:b6:1f:31:b3:d8:03:c1:da:6a:3e:05:2e:bc:
         e3:19:31:0d:9f:91:06:ee:a5:26:5b:8e:93:e4:41:d3:4c:b4:
         19:d9:97:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKB7HN3KlHTl01dsxkTea5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODA5MDkyNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjg4MDRlODgzM2Q0MDI4MDI1NzYzYmQ1NzUwMmZhNjdlNDNhMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7pMW0r7ha43x0XPHojKnDAiamgG
fcnA1ApSGqf3RouM6U6HE23BJ693ULIcc2Q6AZtTejdH3pNqzHUS74NDSYPKh969
epwCJYd60qlVuYqZEoakl36/dj7Wu2TtCPHWNlEAqCKdDYgEGRJaATrZJyVSJKuQ
y/cjM+Y7sYuiaZ5bOMBxisAw0w7ZBR+zNNtqD8QSf2vfcm4CjUmZ2OXcNXcHQKUn
dKECdJDVSFs4uTPhKLI3oZsDPpwQUtixhqPDqAsAnLDUFNllu1fsIhBUHb+RTDE1
a6t6Dv5SghU5/KzfRQB4LGO2kWZ2ve8djNKW5601LnFTAGPzj0f9KZr0iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+IBOiDPUAoAldjvVdQL6Z+Q6GYMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVDRnRTZJTTlRQ2dDVjJPOVYxQXZwbjVEb1pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXVMA0G
CSqGSIb3DQEBCwUAA4IBAQABGLhROesjtTCV4DjAnS2twMibqhsq2Y3I2mf51rkK
EuP2KS4rAw6zh/+cFiju47QfzUFRyTAx/PG2W+Wom+dn4ULNjqSzzwZrzdXjrO74
8RK/ly/DY36nFZFTWZXUo0jHufrEHDGZYRyDTfd9vjXFr7UQGfAhodmLfAOgRu1p
fT8uLFgqY7xp0nT4NUW/8VQk1n/81nx9Rw5Nek4063BgzQSGW61o3fJQQxM7Qhbd
ArQaPwbSSJHQ1nZD2i9sgVsuDAFh/oqlxNKD/37R/xE5QQivP/Gz1yDD4sWUkrYf
MbPYA8Haaj4FLrzjGTENn5EG7qUmW46T5EHTTLQZ2ZfZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:21 2023 by rpki-client on console-fra.rpki-client.org